Anderson Hoffmann do Carmo
2017-May-25 16:54 UTC
[Samba] CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
Hi We have the one server SAMBA 4.3.11-ubuntu in Active Directory mode with some Windows Clients The Ubuntu repository not update samba package (last version is 4.3.11). Please, how am i can fix the CVE-2017-7494 (Remote code execution from a writable share) in my SAMBA server? Should option 'nt pipe support = no' will influence how SAMBA_AD works? Anderson Hoffmann
Data Control Systems - Mike Elkevizth
2017-May-25 16:59 UTC
[Samba] CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
According to the changelog from Ubuntu ( http://changelogs.ubuntu.com/changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.7/changelog) this fix has been backported into the Ubuntu 4.3.11 packages. samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium * SECURITY UPDATE: remote code execution from a writable share - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a slash inside in source3/rpc_server/srv_pipe.c. - CVE-2017-7494 -- Marc Deslauriers <marc.deslauriers at ubuntu.com> Fri, 19 May 2017 14:18:13 -0400 Mike E. On Thu, May 25, 2017 at 12:54 PM, Anderson Hoffmann do Carmo via samba < samba at lists.samba.org> wrote:> Hi > > We have the one server SAMBA 4.3.11-ubuntu in Active Directory mode with > some Windows Clients > The Ubuntu repository not update samba package (last version is 4.3.11). > > Please, how am i can fix the CVE-2017-7494 (Remote code execution from a > writable share) in my SAMBA server? > > Should option 'nt pipe support = no' will influence how SAMBA_AD works? > > > Anderson Hoffmann > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Anderson Hoffmann do Carmo
2017-May-25 17:13 UTC
[Samba] CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
Hi Mike Thank you for the information! :-) Anderson Hoffmann 2017-05-25 13:59 GMT-03:00 Data Control Systems - Mike Elkevizth < mike at datacontrolsystems.com>:> According to the changelog from Ubuntu (http://changelogs.ubuntu.com/ > changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.7/changelog) > this fix has been backported into the Ubuntu 4.3.11 packages. > > samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium > > * SECURITY UPDATE: remote code execution from a writable share > - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a > slash inside in source3/rpc_server/srv_pipe.c. > - CVE-2017-7494 > > -- Marc Deslauriers <marc.deslauriers at ubuntu.com> Fri, 19 May 2017 > 14:18:13 -0400 > > Mike E. > > > On Thu, May 25, 2017 at 12:54 PM, Anderson Hoffmann do Carmo via samba < > samba at lists.samba.org> wrote: > >> Hi >> >> We have the one server SAMBA 4.3.11-ubuntu in Active Directory mode with >> some Windows Clients >> The Ubuntu repository not update samba package (last version is 4.3.11). >> >> Please, how am i can fix the CVE-2017-7494 (Remote code execution from a >> writable share) in my SAMBA server? >> >> Should option 'nt pipe support = no' will influence how SAMBA_AD works? >> >> >> Anderson Hoffmann >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > >
Possibly Parallel Threads
- CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
- Latest Ubuntu 16.04 samba upgrade breaks external ldap auth (CVE-2020-10704)
- Latest Ubuntu 16.04 samba upgrade breaks external ldap auth (CVE-2020-10704)
- Latest Ubuntu 16.04 samba upgrade breaks external ldap auth (CVE-2020-10704)
- how to backup samba ad domain